summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2012-02-17 11:50:27 -0500
committerStephen Gallagher <sgallagh@redhat.com>2012-04-25 08:47:23 -0400
commit1575084d8ba8800574c72ee0615a0afadca8375c (patch)
treeba75b4ddbbbfe81806fb95e62af5aaa13628bdeb
parent1072b8cc7890bba0180f69765875b3d2198c6729 (diff)
downloadsssd-1575084d8ba8800574c72ee0615a0afadca8375c.tar.gz
sssd-1575084d8ba8800574c72ee0615a0afadca8375c.tar.xz
sssd-1575084d8ba8800574c72ee0615a0afadca8375c.zip
RESPONDERS: Allow increasing the file-descriptor limitsssd-1.5.1-51.el5
This patch will increase the file descriptor limit to 8k or the limits.conf maximum, whichever is lesser. https://fedorahosted.org/sssd/ticket/1197
-rw-r--r--src/responder/common/responder.h3
-rw-r--r--src/responder/common/responder_common.c37
-rw-r--r--src/responder/nss/nsssrv.c4
-rw-r--r--src/responder/pam/pamsrv.c5
4 files changed, 49 insertions, 0 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index 29bfff06e..c17ccdf1c 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -25,6 +25,7 @@
#include <stdint.h>
#include <sys/un.h>
#include <pcre.h>
+#include <sys/resource.h>
#include "config.h"
#include "talloc.h"
#include "tevent.h"
@@ -173,4 +174,6 @@ int sss_dp_send_acct_req(struct resp_ctx *rctx, TALLOC_CTX *callback_memctx,
bool sss_utf8_check(const uint8_t *s, size_t n);
+void responder_set_fd_limit(rlim_t fd_limit);
+
#endif /* __SSS_RESPONDER_H__ */
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index af7a99efd..261d91fb7 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -683,3 +683,40 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
return EOK;
}
+
+void responder_set_fd_limit(rlim_t fd_limit)
+{
+ struct rlimit current_limit, new_limit;
+ int limret;
+
+ /* First determine the maximum hard limit */
+ limret = getrlimit(RLIMIT_NOFILE, &current_limit);
+ if (limret == 0) {
+ DEBUG(7,
+ ("Current fd limit: [%d]\n",
+ current_limit.rlim_cur));
+ /* Choose the lesser of the requested and the hard limit */
+ if (current_limit.rlim_max < fd_limit) {
+ new_limit.rlim_cur = current_limit.rlim_max;
+ } else {
+ new_limit.rlim_cur = fd_limit;
+ }
+ new_limit.rlim_max = current_limit.rlim_max;
+
+ limret = setrlimit(RLIMIT_NOFILE, &new_limit);
+ if (limret == 0) {
+ DEBUG(6,
+ ("Maximum file descriptors set to [%d]\n",
+ new_limit.rlim_cur));
+ } else {
+ DEBUG(2,
+ ("Could not set new fd limits. Proceeding with [%d]\n",
+ current_limit.rlim_cur));
+ }
+ } else {
+ DEBUG(2,
+ ("Could not determine fd limits. "
+ "Proceeding with system values\n"));
+ }
+}
+
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index cb0acfe13..cfc6c588f 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -47,6 +47,7 @@
#define SSS_NSS_PIPE_NAME "nss"
#define DEFAULT_PWFIELD "*"
+#define DEFAULT_NSS_FD_LIMIT 8192
#define SHELL_REALLOC_INCREMENT 5
#define SHELL_REALLOC_MAX 50
@@ -315,6 +316,9 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
return EIO;
}
+ /* Set up file descriptor limits */
+ responder_set_fd_limit(DEFAULT_NSS_FD_LIMIT);
+
DEBUG(1, ("NSS Initialization complete\n"));
return EOK;
diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c
index 91ee4a899..1bed212ed 100644
--- a/src/responder/pam/pamsrv.c
+++ b/src/responder/pam/pamsrv.c
@@ -44,6 +44,8 @@
#include "responder/pam/pamsrv.h"
#include "responder/common/negcache.h"
+#define DEFAULT_PAM_FD_LIMIT 8192
+
#define SSS_PAM_SBUS_SERVICE_VERSION 0x0001
#define SSS_PAM_SBUS_SERVICE_NAME "pam"
@@ -174,6 +176,9 @@ static int pam_process_init(TALLOC_CTX *mem_ctx,
goto done;
}
+ /* Set up file descriptor limits */
+ responder_set_fd_limit(DEFAULT_PAM_FD_LIMIT);
+
ret = EOK;
done: